<?php
$jQuery = true;
require_once ('../../config/include_paths.php');
require_once('config.php');
require_once ('functions.php');
$pageTitle = SITE_NAME.' - Administration';
require_once('dbconnect.php');	// database connect script.
 
// TO DO*******Should use some proper HTML filtering here*********
if($_POST['editHTML']=='') {// if the text editor is empty
	$sHeader = '<h1>No Text</h1>';
    $sContent = '<p>Please use the text editor to submit a description</p>';
	echo $sHeader.'<br>'.$sContent;
	echo '<a href="javascript: history.go(-1)">&nbsp;&lt;&lt;&nbsp;back</a>';
}

// make sure the file is not bigger than 2MB
if ($_FILES["file"]["size"] > 2097152) {
  echo "File must be no larger than 2MB";
}

	
//if 'edit' then check if there is a new file or not and process appropriately
if($_POST['id']) {
		//if there is a replacement file then delete the existing file
		if($_FILES["file"]["name"] != '') {
			$path=APP_ROOT."/public_html/uploads/".$_POST['currentFile'];
			unlink($path);
			//first check if there is a duplicate file name
			if (file_exists(APP_ROOT."/public_html/uploads/" . $_FILES["file"]["name"])) {
		 		echo $_FILES["file"]["name"] . "Duplicate file name, please choose another.";
		  		echo '<a href="javascript: history.go(-1)">&nbsp;&lt;&lt;&nbsp;back</a>';
		  		die;
			}
			//no duplicate name then move the replacement file to the events folder
			move_uploaded_file($_FILES["file"]["tmp_name"], 
			APP_ROOT."/public_html/uploads/" . $_FILES["file"]["name"]);	
			$_POST['file'] = $_FILES['file']['name'];// now that the file is handled send just the name to the DB
		}else{// file not replaced
			$_POST['file']=$_POST['currentFile']; //if there is not a replacement file then set the name so not blank
			$fileChange=false;
		}
//if this is a new event not an 'edit'
} else {
		//first check if there is an existing file with the same name
		if (file_exists(APP_ROOT."/public_html/uploads/" . $_FILES["file"]["name"]) && $_FILES["file"]["name"] != '') 
			  {
			  echo $_FILES["file"]["name"] . "A file already exists with the same name, please choose another.";
			  echo '<a href="javascript: history.go(-1)">&nbsp;&lt;&lt;&nbsp;back</a>';
			  die;
		}
		//no existing with the same name then move the file to the events folder
		move_uploaded_file($_FILES["file"]["tmp_name"], 
		APP_ROOT."/public_html/uploads/" . $_FILES["file"]["name"]);
		$_POST['file'] = $_FILES['file']['name']; // now that the file is handled send just the name to the DB
}
// handle sort choice
if (isset($_POST['sortChoice'])) 
	{$sortChoice = $_POST['sortChoice'];  //set variable  
	}else{
	$sortChoice = 'lastItem';
}
if (isset($_POST['sortSelect'])) 
	{$sortSelect = $_POST['sortSelect'];
}
unset($_POST['sortChoice']);
unset($_POST['sortSelect']);
// remove post vars so processTable does not pick up
$formtable = $_POST['tableID'];
$query = "SELECT record_order FROM $formtable order by record_order LIMIT 1";
$result = mysql_query($query);
while ($row = mysql_fetch_assoc($result)) {
	$first = $row['record_order'];
}
$query =  "SELECT record_order FROM $formtable order by record_order DESC LIMIT 1";
$result = mysql_query($query);
while ($row = mysql_fetch_assoc($result)) {
	$last = $row['record_order'];
}
// now update the database
if ($_POST['tableID'] == 'modules') {
	$returnPage = 'homeDashboard.php';
	if ($_POST['page_id'] == '2') {
		$returnPage = 'news_eventsDashboard.php';
	}
	processTable('modules');	
} else if ($_POST['tableID'] == 'events') {
	$returnPage = 'events.php';
	//if not start or end time selected set to 00:00:01 (one second afer midnight) a special value we will use to mean "none"
	if ($_POST['eventStartTime'] == '') {
		$_POST['eventStartTime'] = '00:00:01';
	}
	if ($_POST['eventEndTime'] == '') {
		$_POST['eventEndTime'] = '00:00:01';
	}	
	processTable('events');
}
//now give the user feedback
$allowedTags='<p><strong><em><u><h1><h2><h3><h4><h5><h6><img>';
$allowedTags.='<li><ol><ul><span><div><br><ins><del>'; 
$sContent = strip_tags(stripslashes($_POST['editHTML']),$allowedTags);
$title = $_POST['title'];
$file = $_POST['file'];
if ($_POST['tableID'] == 'events') {
	$eventDate = $_POST['eventDate'];
	$eventEndDate = $_POST['eventEndDate'];
	if ($_POST['eventStartTime'] != '') {
		$eventStartTime = 'From:'.date('h:iA', strtotime($_POST['eventStartTime']));
	}
	if ($_POST['eventEndTime'] != '') {
		$eventEndTime = ' To:'.date('h:iA', strtotime($_POST['eventEndTime']));
	}
}
$lasteditor = $_POST['editor'];	
$editdate = $_POST['editdate'];
// TO DO write time format function so can be changed to local format
require_once ('adminhead.php');
?>
<body onLoad="checkMenuSettings();">
<div id="wrapper">
    <?php require_once ('adminHeader.php'); ?>
  <div class="clearfloat">&nbsp;</div>
  <div id="sidebar">
	<?php require_once ('adminNav.php'); ?>
  </div>
        
    <div id="main_content">
    <div id="dbResults">
		<h2><?php echo $_SESSION['message'] ?></h2>
		<p>Title: <?php echo $title ?></p>
        <?php if ($_POST['tableID'] == 'events') {?>
		<p>Date: <?php echo $eventDate;
		if ($eventEndDate){
			echo ' to '.$eventEndDate;
			echo $eventStartTime;
			echo $eventEndTime;
		}
		?>
        </p><?php } ?>
        <hr />
		<?php echo $sContent ?>
        <hr />
		<p>File Name:<?php echo $file ?></p>
		<?php if ($_SESSION['admin'] == 1) { 
		echo 'Last Editor:'.$lasteditor.' Last Edit Date:'.$editdate;
} ?>	<button onClick="window.location='<?php echo $returnPage ?>'">OK</button>
	</div>
    </div>
</div>
<?php mysql_close($conn); ?>
</body>
</html>